Add minilinux download functionality and ipxe compilation scripts

5 files changed, 169 insertions, 11 deletions

diff --git a/modules/adduser.inc.php b/modules/adduser.inc.php
index 04b6044f..f152643b 100644
--- a/modules/adduser.inc.php
+++ b/modules/adduser.inc.php
@@ -10,6 +10,9 @@ if (isset($_POST['action']) && $_POST['action'] === 'adduser') {
 	} elseif ($_POST['pass1'] !== $_POST['pass2']) {
 		Message::addError('password-mismatch');
 		Util::redirect('?do=adduser');
+	} elseif (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) {
+		Message::addError('adduser-disabled');
+		Util::redirect('?do=session&action=login');
 	} else {
 		$data = array(
 			'user'       => $_POST['user'],
@@ -22,17 +25,18 @@ if (isset($_POST['action']) && $_POST['action'] === 'adduser') {
 		if (Database::exec('INSERT INTO user SET login = :user, passwd = :pass, fullname = :fullname, phone = :phone, email = :email', $data) != 1) {
 			Util::traceError('Could not create new user in DB');
 		}
-		$adduser_success = true;
+		// Make it superadmin if first user. This method sucks as it's a race condition but hey...
+		$ret = Database::queryFirst('SELECT Count(*) AS num FROM user');
+		if ($ret !== false && $ret['num'] == 1) {
+			Database::exec('UPDATE user SET permissions = 1');
+		}
+		Message::addInfo('adduser-success');
+		Util::redirect('?do=session&action=login');
 	}
 }
 
 function render_module()
 {
-	// A user was added. Show success message and bail out
-	if (isset($adduser_success)) {
-		Message::addInfo('adduser-success');
-		return;
-	}
 	// No user was added, check if current user is allowed to add a new user
 	// Currently you can only add users if there is no user yet. :)
 	if (Database::queryFirst('SELECT userid FROM user LIMIT 1') !== false) {
diff --git a/modules/ipxe.inc.php b/modules/ipxe.inc.php
new file mode 100644
index 00000000..869f4c72
--- /dev/null
+++ b/modules/ipxe.inc.php
@@ -0,0 +1,35 @@
+<?php
+
+User::load();
+
+if (!User::hasPermission('superadmin')) {
+	Message::addError('no-permission');
+	Util::redirect('?do=main');
+}
+
+if (isset($_POST['action'])) {
+	if ($_POST['action'] === 'compile') {
+		if (!Util::verifyToken()) {
+			Util::redirect('?do=main');
+		}
+	}
+}
+
+function render_module()
+{
+	$ips = array();
+	$current = CONFIG_IPXE_DIR . '/last-ip';
+	if (file_exists($current)) $current = file_get_contents($current);
+	exec('/bin/ip a', $retval);
+	foreach ($retval as $ip) {
+		if (preg_match('#inet (\d+\.\d+\.\d+\.\d+)/\d+.*scope#', $ip, $out) && $out[1] !== '127.0.0.1') {
+			$ips[] = array(
+				'ip'       => $out[1],
+				'current'  => ($out[1] == $current)
+			);
+		}
+	}
+	Render::addTemplate('page-ipxe', array('ips' => $ips, 'token' => Session::get('token')));
+}
+
+
diff --git a/modules/main.inc.php b/modules/main.inc.php
index 007fb296..31aef55e 100644
--- a/modules/main.inc.php
+++ b/modules/main.inc.php
@@ -6,14 +6,20 @@ function render_module()
 {
 	// Render::setTitle('abc');
 	
-	Render::openTag('h1', array('class' => 'wurst kacke'));
-	Render::closeTag('h1');
-	
 	if (!User::isLoggedIn()) {
 		Render::addTemplate('page-main-guest');
 		return;
 	}
 	// Logged in here
-	Render::addTemplate('page-main', array('user' => User::getName()));
+	$ipxe = true;
+	$file = CONFIG_IPXE_DIR . '/last-ip';
+	if (file_exists($file)) {
+		$last = file_get_contents($file);
+		exec('/bin/ip a', $ips);
+		foreach ($ips as $ip) {
+			if (preg_match("#inet $last/\d+.*scope#", $ip)) $ipxe = false;
+		}
+	}
+	Render::addTemplate('page-main', array('user' => User::getName(), 'ipxe' => $ipxe));
 }
 
diff --git a/modules/minilinux.inc.php b/modules/minilinux.inc.php
new file mode 100644
index 00000000..3508fb43
--- /dev/null
+++ b/modules/minilinux.inc.php
@@ -0,0 +1,86 @@
+<?php
+
+User::load();
+
+if (!User::hasPermission('superadmin')) {
+	Message::addError('no-permission');
+	Util::redirect('?do=main');
+}
+
+function render_module()
+{
+	$files = array();
+	checkFile($files, 'kernel');
+	checkFile($files, 'initramfs-stage31');
+	checkFile($files, 'stage32.sqfs');
+	checkFile($files, 'vmware.sqfs');
+	Render::addTemplate('page-minilinux', array('files' => $files, 'token' => Session::get('token')));
+}
+
+function checkFile(&$files, $name)
+{
+	static $someId = 0;
+	$remote = CONFIG_REMOTE_ML . "/${name}.md5";
+	$localTarget = CONFIG_HTTP_DIR . "/default/${name}";
+	$local = "${localTarget}.md5";
+	$localLock = "${localTarget}.lck";
+
+	// Maybe already in progress?
+	if (file_exists($localLock)) {
+		$data = explode(' ', file_get_contents($localLock));
+		if (count($data) == 2) {
+			$pid = (int)$data[0];
+			if (posix_kill($pid, 0)) {
+				$files[] = array(
+					'file'     => $name,
+					'id'       => 'id' . $someId++,
+					'pid'      => $pid,
+					'progress' => $data[1]
+				);
+				return true;
+			} else {
+				unlink($localLock);
+			}
+		 } else {
+			unlink($localLock);
+		 }
+	}
+
+	// Not in progress, normal display
+	if (!file_exists($local) || filemtime($local) + 300 < time()) {
+		if (file_exists($localTarget)) {
+			$existingMd5 = md5_file($localTarget);
+		} else {
+			$existingMd5 = '<missing>';
+		}
+		if (file_put_contents($local, $existingMd5) === false) {
+			@unlink($local);
+			Message::addWarning('error-write', $local);
+		}
+	} else {
+		$existingMd5 = file_get_contents($local);
+	}
+	$existingMd5 = strtolower(preg_replace('/[^0-9a-f]/is', '', $existingMd5));
+	$remoteMd5 = Util::download($remote, 3, $code);
+	$remoteMd5 = strtolower(preg_replace('/[^0-9a-f]/is', '', $existingMd5));
+	if ($code != 200) {
+		Message::addError('remote-timeout', $remote);
+		return false;
+	}
+	if ($existingMd5 === $remoteMd5) {
+		// Up to date
+		$files[] = array(
+			'file'     => $name,
+			'id'       => 'id' . $someId++,
+		);
+		return true;
+	}
+	// New version on server
+	$files[] = array(
+		'file'        => $name,
+		'id'          => 'id' . $someId++,
+		'update'      => true
+	);
+	return true;
+}
+
diff --git a/modules/sysconfig.inc.php b/modules/sysconfig.inc.php
index d5300194..f10446ed 100644
--- a/modules/sysconfig.inc.php
+++ b/modules/sysconfig.inc.php
@@ -27,6 +27,33 @@ if (isset($_POST['action']) && $_POST['action'] === 'upload') {
 	Util::redirect('?do=sysconfig');
 }
 
+if (isset($_REQUEST['action']) && $_REQUEST['action'] === 'activate') {
+	if (!Util::verifyToken()) {
+		Util::redirect('?do=sysconfig');
+	}
+	if (!User::hasPermission('superadmin')) {
+		Message::addError('no-permission');
+		Util::redirect('?do=sysconfig');
+	}
+	if (!isset($_REQUEST['file'])) {
+		Message::addError('missing-file');
+		Util::redirect('?do=sysconfig');
+	}
+	$file = preg_replace('/[^a-z0-9\-_\.]/', '', $_REQUEST['file']);
+	$path = CONFIG_TGZ_LIST_DIR . '/' . $file;
+	if (!file_exists($path)) {
+		Message::addError('invalid-file', $file);
+		Util::redirect('?do=sysconfig');
+	}
+	mkdir(CONFIG_HTTP_DIR . '/default', 0755, true);
+	$linkname = CONFIG_HTTP_DIR . '/default/config.tgz';
+	@unlink($linkname);
+	if (file_exists($linkname)) Util::traceError('Could not delete old config.tgz link!');
+	if (!symlink($path, $linkname)) Util::traceError("Could not symlink to $path at $linkname!");
+	Message::addSuccess('config-activated');
+	Util::redirect('?do=sysconfig');
+}
+
 function render_module()
 {
 	if (!isset($_REQUEST['action'])) $_REQUEST['action'] = 'list';
@@ -52,7 +79,7 @@ function list_configs()
 	$files = array();
 	foreach (glob(CONFIG_TGZ_LIST_DIR . '/*.tgz') as $file) {
 		$files[] = array(
-			'file' => $file
+			'file' => basename($file)
 		);
 	}
 	Render::addTemplate('page-tgz-list', array('files' => $files, 'token' => Session::get('token')));